A Close Look at the NSA’s Most Powerful Internet Attack Tool

Photo: Trevor Paglen

We already knew that the NSA has weaponized the internet, enabling it to “shoot” exploits at anyone it desires. A single web fetch, imitated by an identified target, is sufficient for the NSA to exploit its victim.

But the Edward Snowden slides and story published yesterday at The Intercept convey a wealth of new detailed information about the NSA’s technology and its limitations.

First, it’s clear that the NSA has settled on a system called QUANTUM as its preferred, if not near-universal, internet exploitation mechanism. QUANTUM is vastly more effective than just sending spam. But since its launch at NSA, the program has clearly suffered from both mission creep and target creep.

If NSA only used QUANTUM to attack wannabee terrorists attempting to read Inspire, hardly anyone would object. But instead the agency expanded it greatly, not only in target scope (including its confirmed use against Belgacom) but also in functionality.

Nicholas Weaver

Nicholas Weaver is a researcher at the International Computer Science Institute and UC Berkeley (though this opinion is his own). He focuses on network security as well as network intrusion detection, defenses for DNS resolvers, and tools for detecting ISP-introduced manipulations of a user’s network connection. Weaver received his Ph.D. in Computer Science from U.C. Berkeley.

Today QUANTUM packs a suite of attack tools, including both DNS injection (upgrading the man-on-the-side to a man-in-the-middle, allowing bogus certificates and similar routines to break SSL) and HTTP injection. That reasonable enough. But it also includes gadgets like a plug-in to inject into MySQL connections, allowing the NSA to quietly mess with the contents of a third-party’s database. (This also surprisingly suggests that unencrypted MySQL on the internet is common enough to attract NSA attention.)

And it allows the NSA to hijack both IRC and HTTP-based criminal botnets, and also includes routines which use packet-injection to create phantom servers, and even attempting (poorly) to use this for defense.

The reaching can be extensive. The most glaring example is a QUANTUMDEFENSE idea that has the NSA wiretaps look for DNS requests for NIPRnet addresses, and packet-inject a bogus DNS reply redirecting the attacker to a NSA controlled site.

NIPRNET is the Defense Department’s portion of the internet – it’s unclassified, and reachable by the public. So QUANTUMDEFENSE is a classic case of “if all you have is a hammer, all problems look like nails.” The DoD controls the DNS authority record that the attacker is looking up, and could directly send the attacker off on a wild goose chase.

Moreover, for all its utility, QUANTUM has three limitations that come through in the slides: classification bureaucracy, a limited implementation, and weaknesses on defense.

A previous mystery was how 100 “tips” (the wiretap detecting something of interesting and telling another computer about it) would result in only 5 successful “shots” (an exploitive packet received by the victim) in one test, and why previous QUANTUM slides showed an obviously broken design where the “shot” was executed by a remote computer, adding latency and reducing effectiveness. It turns out this is almost entirely due to classification.

The wiretap itself lies on the internet, in “system low” space. The logic behind the attack lives in the NSA’s classified, “system high” land.

It’s easy to send data (tips in this case) from system low to system high – from the unclassified internet to the classified NSA network. But by design, going the other way is almost impossible. A special one-way “diode” gateway controls the communication to keep information from backwashing out of the classified network.

This is the underlying reason for the split design and subsequent poor performance. NSA required the attack logic be in “system high” and the rest just flowed from that design decision. The “system high” systems needs high protection, may need to be located in a different secure location, and can’t just send out requests to the internet.

Rather than go through the bureaucratic fight to move the attack logic into “system low” (and co-located on the wiretap), the NSA sought to work around it in the case of QUANTUMHAND. Instead of targeting just any web connection for exploitation, it targeted persistent “push” connections from Facebook, where a user’s browser would leave an idle connection open, waiting for a command from the server.

This way, even the slow, broken, classified architecture could exploit Facebook users. Sadly for NSA and GCHQ (and FSB, and DGSE, and every other spy agency), Facebook turned on encryption a few months ago, which should thwart this attack.

The second limitation is revealed in the description of an experiment. The NSA/GCHQ was looking to add “pwn by keyword”: check if a user’s email through Hotmail or Yahoo mail contained any keyword and, if so, exploit them automatically.

The agencies conducted and experiment to see if this attack would work. This experiment reveals that the QUANTUMTHEORY wiretaps only look at individual packets, not complete TCP streams, making it a surprisingly limited tool.

The final limitation involves QUANTUMSMACKDOWN, the NSA’s plan to use packet injection to block attacks against DoD assets that they were testing. This seems like wishful thinking to me.

In order for this to work, the wiretap needs to identify ‘evil traffic’ headed to a Pentagon network– a hard problem further compounded by the wiretap’s packet-only nature. Even when ‘evil’ is identified, QUANTUM can only block requests and terminate replies early: By the time QUANTUM decides to terminate a connection (a problem made worse by the classification structure), the damage is likely already done.

QUANTUMSMACKDOWN can keep some bottom-feeders off the DoD networks — but only that, the bottom feeders. Any DoD network infected by such low-level adversaries deserves to be infected, and the contractors responsible fired. Professional adversaries will breeze past the QUANTUMSMACKDOWN like it doesn’t exist.

Finally, there is the big guide of possible selectors an analyst can use for targeting. There has been much back and forth about private companies also doing NSA-like data collection. Yet this single slide shows just how serious this symbiosis has become, with both private companies and the NSA using and exploiting the same information. Most of the data is involved in some form of user tracking.

Both the content networks like Google and Facebook as well as numerous ad networks have built a global network of user monitoring, so it’s natural that the NSA not only piggybacks off this monitoring but uses it to guide attacks. Behind the scenes, the NSA also performs user-linking, which allows them to fully deanonymize the supposedly “anonymous” advertisement cookies.

Everything we’ve seen about QUANTUM and other internet activity can be replicated with a surprisingly moderate budget, using existing tools with just a little modification.

The biggest limitation on QUANTUM is location: The attacker must be able to see a request which identifies the target. Since the same techniques can work on a Wi-Fi network, a $50 Raspberry Pi, located in a Foggy Bottom Starbucks, can provide any country, big and small, with a little window of QUANTUM exploitation. A foreign government can perform the QUANTUM attack NSA-style wherever your traffic passes through their country.

And that’s the bottom line with the NSA’s QUANTUM program. The NSA does not have a monopoly on the technology, and their widespread use acts as implicit permission to others, both nation-state and criminal.